Despite some recent gains by law enforcement, ransomware remains a pernicious problem for companies large and small. Here's how eight experts advise preparing for ransomware attacks.
Today: Figma's Abhi Mathur explains how the company created its collaboration tool and overhauled its databases for scale, Red Hat outlines an open-source AI platform strategy, and the latest funding rounds in enterprise tech.
Figma's collaboration tools are a hit with designers thanks to its decision to take a page from the gaming software playbook and rebuild its databases for "infinite scale."
Today on Runtime: Harness CEO Jyoti Bansal on CI/CD, SBOMs, and golf; Google's AI "Code Red" makes its public debut; and this week in enterprise tech moves.
Runtime comes out three times a week on Tuesdays, Thursdays, and Saturdays. Tell a friend!
Stand and deliver
Jyoti Bansal knows he works more hours than the average Silicon Valley executive, which is already a pretty high bar to clear. But that's the price you pay for running four companies simultaneously: a startup incubator (BIG Labs), a seed venture fund (Unusual Ventures), a $450 million cybersecurity company (Traceable), and Harness, a continuous delivery (CD) company that has raised $425 million in funds and was last valued at $3.7 billion.
In a recent interview, he discussed the Biden administration's push for software bill of materials (SBOMs) requirements, supply-chain security worries, and the calendar-juggling feats needed to run four companies.
On moving safely at speed:
Jyoti Bansal: Most people have wanted the speed of shipping things quickly, but most of the larger enterprises haven't fully gotten there.
The thing that was always important for them is like, it's not just the speed. Facebook had this tagline "move fast and break things" and if you go and take it to a large bank, and say "move fast and break things is how we move fast," it just doesn't work there, right?
Velocity is only one part. You have to bring (security, cost management, compliance), and that's the only way to ship to production every day.
On the push for SBOMs:
I think it's a must-have idea. Almost every piece of software that someone is shipping is composed of so many things now. It's similar to when you buy a car, and the car is composed of so many pieces that someone assembled together; like, you don't build a car, you assemble a car, really. That's how it is in software.
Everyone got a shock when the Log4J vulnerability came out. Log4J is everywhere, and people still can't easily figure out the answer, like, "tell me all the pieces of software that are deployed where I'm vulnerable to this thing." And figuring it out was months upon months of work for many people.
On time management:
I really think in terms of not time management, I think in terms of impact management; where can I make the most impact, where I can move the needle significantly. Most of the time, I'm a product guy, so it's about innovation and setting the right product goals, but many times, it could be raising capital or hiring the right people or some kind of go-to-market strategy, pricing strategy … whatever it is. Where I can make the most impact is (where) I like to spend time.
So instead of saying, I spent 30% time here, 40% I'm here this much, it's really focused on making an impact and having the right people around to do that. That said, I do work longer hours than most people, but it's my choice. It's not like anyone asked me to, because that's what I like to do; I don't have interest in playing golf for six hours, you know. This is my passion. So that makes it a bit easier.
Read the full interview on Runtime.
Like this interview? Wish we'd asked something else? Email us your thoughts in 250 words or less to be considered for the "Letters to the Editor" section in Saturday's Runtime newsletter.
In through the out door
Microsoft enjoyed some of the most uncritical feedback in modern tech media history (and that's saying something) earlier this year when it decided, after spending decades and hundreds of millions of dollars developing its own AI technology, to go in a completely different direction by putting an AI startup's tools at the heart of its business strategy. There's no question, however, that Microsoft caught Google off guard, and the search company that developed many of the techniques used by OpenAI got its turn in the spotlight this week.
CEO Sundar Pichai focused mostly on consumer-facing applications for Google’s AI technology, such as new search capabilities, but Google Cloud also jumped into the coding assistant market with Duet AI. That product is based on a foundation model called Codey, which is definitely the Most Google name they could have picked.
Like it was with ChatGPT and search, Google Cloud is well behind Microsoft and AWS in this space, following the launch of GitHub's Copilot in 2021 and AWS's Code Whisperer a year ago. But there are a lot of developers in Google's orbit, and it's hard to believe that should Duet AI prove to be the better tool, developers outside that orbit would ignore something that can help them get their jobs done faster.
Enterprise moves
Mike Abbott, who ran Apple's cloud infrastructure and development teams until earlier this year, joined GM as executive vice president of software.
Pat Tang was named vice president of research and development at quantum computing company IonQ, following a decade at Amazon's Lab126.
Pat Sheridan was hired at Sophos as senior vice president of Americas sales, after a stint at Trellix.
David Ruggiero started work at Outreach as President of Go-To-Market, which I think we used to call sales.
Elon Musk said he's stepping down as Twitter CEO to become CTO and executive chairman upon the hiring of a new, unnamed, CEO, which in enterprise tech is known as "the Larry Ellison."
Have a new executive hire to announce? Email us to be considered for this section next Thursday.
The Runtime roundup
Microsoft agreed to buy electric power from fusion startup Helion, which might actually be able to deliver energy from fusion in five years, maybe, they're pretty sure?
AWS open-sourced two projects related to software supply-chain security, as the cloud leader continues a push to put its historic reputation for being more of a taker than a giver in open-source circles in the past.
AWS also won as much as $1 billion in tax breaks from Morrow County in Eastern Oregon to expand its us-west-2 region by up to five new data centers.
Coinbase spent $65 million on Datadog's observability services in 2022 before dramatically reducing that spend in 2023 following the crypto crash.
Sonatype laid off 14% of its workforce, which, don't worry, "does not reflect systemic issues in our business, threats to our vision, or an absence of investment going forward," the supply-chain security company told employees.
Thanks for reading! See you Saturday!
Today: how international law enforcement agencies took down one of the most notorious ransomware operators, how two communities are dealing with a surge in data-center building, and the latest funding rounds in enterprise tech.
Today: Figma's Abhi Mathur explains how the company created its collaboration tool and overhauled its databases for scale, Red Hat outlines an open-source AI platform strategy, and the latest funding rounds in enterprise tech.
Today: how Microsoft plans to rebuild trust in its security culture, Big Tech engineers are burning out on the AI hype cycle, and the quote of the week.
Today: A pair of security incidents show why corporate attention on magical AI solutions should wait, why CoreWeave's latest funding round shows that it probably won't, and the latest moves in enterprise tech.
